fix(parser): improve error handling

teebow1e · teebow1e · commit bcb0074a3608 · 2024-07-03T11:08:59.000+07:00
diff --git a/src/main/java/entrypoint/Config.java b/src/main/java/entrypoint/Config.java
@@ -20,6 +20,7 @@ private Config() {
     }
     private static JsonNode pathConfig;
     private static String currentlyLoggedOnUser;
+    public final static String NOT_AVAILABLE_TEXT = "N/A";
     private static final String CONFIG_DIR_PATH =
             System.getProperty("user.dir") + File.separator + ".config";
     private static final String ACCOUNTS_FILE_PATH =
@@ -110,7 +111,7 @@ public static void firstRunAction() {
                 } else {
                     logger.log(Level.SEVERE,"[FirstRun] Unable to create path config file.");
                 }
-                Utility.extractFileToLocal("GeoLite2-Country.mmdb", ".");
+                Utility.extractFileToLocal("db/GeoLite2-Country.mmdb", ".");
             } else {
                 showAlert(ERROR_LABEL,
                         "Problem occured during first-run action. The program can not continue."
diff --git a/src/main/java/loganalyzer/ApacheParser.java b/src/main/java/loganalyzer/ApacheParser.java
@@ -21,26 +21,39 @@ private ApacheParser() {
         throw new IllegalStateException("Utility class");
     }
     private static final Pattern ipAddrPattern = Pattern.compile("((\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})|([0-9a-fA-F]{1,4}(:[0-9a-fA-F]{1,4}){7}))");
+    private static final Pattern ipv6AddrPattern = Pattern.compile("([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])");
     private static final Pattern timestampPattern = Pattern.compile("\\[(\\d{2}/[A-Za-z]{3}/\\d{4}:\\d{2}:\\d{2}:\\d{2} [+\\-]\\d{4})]");
     private static final Pattern userAgentPattern = Pattern.compile("\"([^\"]*)\"[^\"]*$");
     private static final Logger logger = Logger.getLogger(ApacheParser.class.getName());
     public static String parseIpAddress(String logLine) {
-        return findFirstMatch(logLine, ipAddrPattern);
+        if (findFirstMatch(logLine, ipAddrPattern) == null) {
+            return findFirstMatch(logLine, ipv6AddrPattern);
+        } else {
+            return findFirstMatch(logLine, ipAddrPattern);
+        }
     }
     public static String parseTimestamp(String logLine) {
         String parsedLog = findFirstMatch(logLine, timestampPattern);
         if (parsedLog != null) {
-            return parsedLog.substring(1, parsedLog.length() - 1);
+            try {
+                return parsedLog.substring(1, parsedLog.length() - 1);
+            } catch (Exception e) {
+                return Config.NOT_AVAILABLE_TEXT;
+            }
         } else {
-            return null;
+            return Config.NOT_AVAILABLE_TEXT;
         }
     }
     public static String parseUserAgent(String logLine) {
         String parsedLog = findFirstMatch(logLine, userAgentPattern);
         if (parsedLog != null) {
-            return parsedLog.substring(1, parsedLog.length() - 1);
+            try {
+                return parsedLog.substring(1, parsedLog.length() - 1);
+            } catch (Exception e) {
+                return Config.NOT_AVAILABLE_TEXT;
+            }
         } else {
-            return null;
+            return Config.NOT_AVAILABLE_TEXT;
         }
     }
 
@@ -51,39 +64,60 @@ public static String[] parseAllInOne(String logLine) {
     public static String parseMethod(String[] aioArr) {
         String tempMethodValue = getElementSafely(aioArr, 5);
         if (tempMethodValue != null) {
-            return tempMethodValue.replace("\"", "");
+            try {
+                return tempMethodValue.replace("\"", "");
+            } catch (Exception e) {
+                return Config.NOT_AVAILABLE_TEXT;
+            }
         }
-        return null;
+        return Config.NOT_AVAILABLE_TEXT;
     }
 
     public static String parseProtocol(String[] aioArr) {
         String tempMethodValue = getElementSafely(aioArr, 7);
         if (tempMethodValue != null) {
-            return tempMethodValue.replace("\"", "");
+            try {
+                return tempMethodValue.replace("\"", "");
+            } catch (Exception e) {
+                return Config.NOT_AVAILABLE_TEXT;
+            }
         }
-        return null;
+        return Config.NOT_AVAILABLE_TEXT;
     }
 
     public static String parseRequestPath(String[] aioArr) {
         String tempMethodValue = getElementSafely(aioArr, 6);
         if (tempMethodValue != null) {
-            return tempMethodValue.replace("\"", "");
+            try {
+                return tempMethodValue.replace("\"", "");
+            } catch (Exception e) {
+                return Config.NOT_AVAILABLE_TEXT;
+            }
         }
-        return null;
+        return Config.NOT_AVAILABLE_TEXT;
     }
 
     public static int parseStatusCode(String[] aioArr) {
         String tempMethodValue = getElementSafely(aioArr, 8);
         if (tempMethodValue != null) {
-            return Integer.parseInt(tempMethodValue.replace("\"", ""));
+            try {
+                return Integer.parseInt(tempMethodValue.replace("\"", ""));
+            } catch (Exception e) {
+                return 0;
+            }
+
         }
         return 0;
     }
 
     public static int parseContentLength(String[] aioArr) {
         String tempMethodValue = getElementSafely(aioArr, 9);
         if (tempMethodValue != null) {
-            return Integer.parseInt(tempMethodValue.replace("\"", ""));
+            try {
+                return Integer.parseInt(tempMethodValue.replace("\"", ""));
+            } catch (Exception e) {
+                return 0;
+            }
         }
         return 0;
     }
@@ -102,8 +136,7 @@ public static Apache parseLogLine(String line) {
                     parseUserAgent(line)
             );
         } catch (Exception e) {
-            System.out.println(e);
-            System.out.println(line);
+            logger.log(Level.WARNING, "An error occurred during parsing phase: {0}", e);
         }
         return null;
     }
diff --git a/src/main/java/loganalyzer/ModSecurityParser.java b/src/main/java/loganalyzer/ModSecurityParser.java
@@ -36,7 +36,7 @@ public static String parseAttackType(String data) {
             String filename = filePath.substring(filePath.lastIndexOf('/') + 1);
             return filename.replace(".conf", "");
         } else {
-            return null;
+            return Config.NOT_AVAILABLE_TEXT;
         }
     }
 
@@ -47,7 +47,7 @@ public static String parseAttackMsg(String data) {
         if (matcher.find()) {
             return matcher.group(1);
         } else {
-            return null;
+            return Config.NOT_AVAILABLE_TEXT;
         }
     }
 
@@ -58,7 +58,7 @@ public static String parseAttackData(String logEntry) {
         if (matcher.find()) {
             return matcher.group(1);
         } else {
-            return null;
+            return Config.NOT_AVAILABLE_TEXT;
         }
     }
 
@@ -69,7 +69,7 @@ public static String parseSeverity(String data) {
         if (matcher.find()) {
             return matcher.group(1);
         } else {
-            return null;
+            return Config.NOT_AVAILABLE_TEXT;
         }
     }
 
@@ -81,7 +81,7 @@ public static String parseVersion(String data) {
         if (matcher.find()) {
             return matcher.group(1);
         } else {
-            return null;
+            return Config.NOT_AVAILABLE_TEXT;
         }
     }
 
diff --git a/src/main/java/loganalyzer/TestApacheParser.java b/src/main/java/loganalyzer/TestApacheParser.java
@@ -0,0 +1,10 @@
+package loganalyzer;
+
+import static loganalyzer.ApacheParser.parseLogLine;
+
+public class TestApacheParser {
+    public static void main(String[] args) {
+        Apache apacheParsed = parseLogLine("127.0.0.1 - - [03/Jul/2024:18:21:46 +0700] \"GET /dashboard/ HTTP/1.1\" 304 - \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0\"");
+        System.out.println(apacheParsed);
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,7 @@ public static String parseAttackType(String data) {`
`36`	`36`	`String filename = filePath.substring(filePath.lastIndexOf('/') + 1);`
`37`	`37`	`return filename.replace(".conf", "");`
`38`	`38`	`} else {`
`39`		`- return null;`
	`39`	`+ return Config.NOT_AVAILABLE_TEXT;`
`40`	`40`	`}`
`41`	`41`	`}`
`42`	`42`
`@@ -47,7 +47,7 @@ public static String parseAttackMsg(String data) {`
`47`	`47`	`if (matcher.find()) {`
`48`	`48`	`return matcher.group(1);`
`49`	`49`	`} else {`
`50`		`- return null;`
	`50`	`+ return Config.NOT_AVAILABLE_TEXT;`
`51`	`51`	`}`
`52`	`52`	`}`
`53`	`53`
`@@ -58,7 +58,7 @@ public static String parseAttackData(String logEntry) {`
`58`	`58`	`if (matcher.find()) {`
`59`	`59`	`return matcher.group(1);`
`60`	`60`	`} else {`
`61`		`- return null;`
	`61`	`+ return Config.NOT_AVAILABLE_TEXT;`
`62`	`62`	`}`
`63`	`63`	`}`
`64`	`64`
`@@ -69,7 +69,7 @@ public static String parseSeverity(String data) {`
`69`	`69`	`if (matcher.find()) {`
`70`	`70`	`return matcher.group(1);`
`71`	`71`	`} else {`
`72`		`- return null;`
	`72`	`+ return Config.NOT_AVAILABLE_TEXT;`
`73`	`73`	`}`
`74`	`74`	`}`
`75`	`75`
`@@ -81,7 +81,7 @@ public static String parseVersion(String data) {`
`81`	`81`	`if (matcher.find()) {`
`82`	`82`	`return matcher.group(1);`
`83`	`83`	`} else {`
`84`		`- return null;`
	`84`	`+ return Config.NOT_AVAILABLE_TEXT;`
`85`	`85`	`}`
`86`	`86`	`}`
`87`	`87`